﻿using _14Net8AspNetCore_Authorization.Context;
using _14Net8AspNetCore_Authorization.Models;
using Microsoft.AspNetCore.Authorization;
using System.Security.Claims;

namespace _14Net8AspNetCore_Authorization.Authrizes
{
    public class PasswordAuthorizationHandler : AuthorizationHandler<PassWordAuthorizationReuirement>
    {

        private readonly AuthorizationDbContext _DbContext;

        public PasswordAuthorizationHandler(AuthorizationDbContext dbContext)
        {
            _DbContext = dbContext;
        }

        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PassWordAuthorizationReuirement requirement)
        {
            #region 静态策略
            //{
            //// 1、获取用户信息
            //Claim claim2 = context.User.Claims.FirstOrDefault(S => S.Type == "password");

            //// 2、获取密码（权限）
            //string userPassword = claim2.Value;

            //// 3、获取接口权限
            //string interfacePassword = _DbContext.permissions.FirstOrDefault(T => T.Name == "permisson").Value;

            //// 4、鉴权
            //if (userPassword == interfacePassword)
            //{
            //    context.Succeed(requirement);
            //}
            //else
            //{
            //    context.Fail(new AuthorizationFailureReason(this, "权限不足"));
            //}
            //return Task.CompletedTask;
            //}

            #endregion

            #region 动态策略
            //{
            //    // 1、获取用户信息
            //    Claim claim2 = context.User.Claims.FirstOrDefault(S => S.Type == requirement.RequireName);

            //    // 2、获取密码（权限）
            //    string userPassword = claim2.Value;

            //    // 3、获取接口权限
            //    string interfacePassword = _DbContext.permissions.FirstOrDefault(T => T.Name == requirement.RequireName).Value;

            //    // 4、鉴权
            //    if (userPassword == interfacePassword)
            //    {
            //        context.Succeed(requirement);
            //    }
            //    else
            //    {
            //        context.Fail(new AuthorizationFailureReason(this, "权限不足"));
            //    }
            //    return Task.CompletedTask;
            //}
            #endregion

            #region 动态查询->用户权限表和权限表
            {
                // 1、获取用户信息
                string name = context.User.Identity.Name;

                // 2、用户权限
                UsePermission usePermission = _DbContext.UsePermissions.FirstOrDefault(T => T.UserName == name && T.Name == requirement.RequireName);

                // 3、获取接口权限
                string interfacePassword = _DbContext.permissions.FirstOrDefault(T => T.Name == requirement.RequireName).Value;

                // 4、鉴权
                if (usePermission != null && usePermission.Value == interfacePassword)
                {
                    context.Succeed(requirement);
                }
                else
                {
                    context.Fail(new AuthorizationFailureReason(this, "权限不足"));
                }
                return Task.CompletedTask;
            }
            #endregion
        }
    }
}
